T
DataToolings

AES Encrypt & Decrypt

Encrypt and decrypt text with AES-256-GCM or AES-CBC online

Encrypt

Decrypt

What is AES Encryption?

AES (Advanced Encryption Standard) is the most widely used symmetric encryption algorithm. This tool uses AES-256, which uses a 256-bit key derived from your password via PBKDF2 (100,000 iterations, SHA-256). It supports two modes: AES-GCM (authenticated encryption, recommended) and AES-CBC (legacy compatibility). All processing uses the browser's native Web Crypto API — your data never leaves your device.

How to Use AES Encrypt & Decrypt

  1. Enter a password (the same password is required for both encryption and decryption)
  2. Choose mode: AES-GCM (recommended) or AES-CBC
  3. To encrypt: paste your plaintext, click Encrypt, copy the output
  4. To decrypt: paste the encrypted ciphertext, click Decrypt to recover the original

Features

  • AES-256-GCM (authenticated — detects tampering) and AES-256-CBC modes
  • Password-based key derivation via PBKDF2 (100,000 iterations)
  • Random salt and IV generated per encryption for full security
  • Compact portable format: salt.iv.ciphertext (Base64)
  • Uses browser-native Web Crypto API — no external libraries
  • 100% client-side — nothing is sent to any server

Frequently Asked Questions

AES-GCM vs AES-CBC — which should I use?

Use AES-GCM for all new applications. It provides authenticated encryption — it detects if the ciphertext was tampered with, and decryption will fail rather than silently return garbage.AES-CBC is older and lacks authentication; use it only for compatibility with legacy systems.

Can I decrypt ciphertext encrypted elsewhere?

Only ciphertext produced by this tool (in the salt.iv.cipher format) can be decrypted here. Cross-tool compatibility requires matching the key derivation, IV packing, and encoding conventions exactly.

Is my password safe?

Yes. Everything runs entirely in your browser. Your password and plaintext are never transmitted anywhere. The salt is random per encryption, so the same password and plaintext produce different ciphertext every time.

What if I forget my password?

There is no way to recover data without the correct password. AES-256 with PBKDF2 is designed to be computationally infeasible to brute-force with a strong password. Keep your password safe.